If you have extra public IP's, create a segregated vlan that is part of the subnet the outside of your firewall. 'Course they'd have to provide their own virus protection, but that's not really your problem since they wouldn't be on your network. From your point of view it'd be no different than if they were at their office, unless you allow all kinds of incoming traffic for that subnet. -Shawn ----- Shawn R. Quillman Robert Bosch Corporation RBNA/CIT1.1 38000 Hills Tech Drive Farmington Hills, MI 48331 (248) 553-1164 (P) (248) 848-2855 (F) shawn.quillman@xxxxxxxxxxxx -----Original Message----- From: David V. Dellanno [mailto:ddellanno@xxxxxxxxxx] Sent: Wednesday, May 28, 2003 6:50 AM To: [ISAserver.org Discussion List] Subject: [isalist] ISA Design Question: Best Practice http://www.ISAserver.org http://www.ISAserver.org Hi everyone, What is the best way to provide only internet access to your corporate guest or contractors in your small but highly-secure single forest, single domain 20-50 user environment, with no manual configurations needed by the local administrator and no extra cabling or hardware? Example; Your company will be inviting in 10 minutes, five slimy sales guys that require to have internet access for their presentation but you do not want them to be nosey and snooping around your network. Example; Your company has a development lab that periodically will allow contractors to work in, but the contractors brings in their own laptops to work on and they need to have internet access to read their mail, again you don't want the contractors to have access to your development visual source safe nor snooping around your network but your chief developer is breathing down your neck to give the contractors what they need in 30 minutes.'' I know this sounds a bit exaggerated but I wanted to know if there is a way for the contractors or slimy sales guys dhcp clients, to be separated virtually off the corporate network with no interaction from the local administrator? Can ISA control this or is this as simple as getting a VLAN switch? _____ David V. Dellanno - MCSE, MCP+I, MCP MSDEMO Consultants Williams Place 2564 Bridgewood Lane Snellville, Georgia 30078 USA (770) 736-8794 (Office) <http://msdemo.net/> msdemo.net Confidentiality Notice: This e-mail message, including any attachments, is for the sole use of the intended recipient(s) and may contain confidential and privileged information. Any unauthorized review, use, disclosure or distribution is prohibited. If you are not the intended recipient, please contact the sender by reply e-mail and destroy all copies of the original message. ------------------------------------------------------ List Archives: http://www.webelists.com/cgi/lyris.pl?enter=isalist ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp ISA Server FAQ: http://www.isaserver.org/pages/larticle.asp?typeúQ ------------------------------------------------------ Other Internet Software Marketing Sites: Leading Network Software Directory: http://www.serverfiles.com No.1 Exchange Server Resource Site: http://www.msexchange.org Windows Security Resource Site: http://www.windowsecurity.com/ Network Security Library: http://www.secinf.net/ Windows 2000/NT Fax Solutions: http://www.ntfaxfaq.com ------------------------------------------------------ You are currently subscribed to this ISAserver.org Discussion List as: shawn.quillman@xxxxxxxxxxxx To unsubscribe send a blank email to $subst('Email.Unsub') ------------------------------------------------------ List Archives: http://www.webelists.com/cgi/lyris.pl?enter=isalist ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp ISA Server FAQ: http://www.isaserver.org/pages/larticle.asp?typeúQ ------------------------------------------------------ Other Internet Software Marketing Sites: Leading Network Software Directory: http://www.serverfiles.com No.1 Exchange Server Resource Site: http://www.msexchange.org Windows Security Resource Site: http://www.windowsecurity.com/ Network Security Library: http://www.secinf.net/ Windows 2000/NT Fax Solutions: http://www.ntfaxfaq.com ------------------------------------------------------ You are currently subscribed to this ISAserver.org Discussion List as: shawn.quillman@xxxxxxxxxxxx To unsubscribe send a blank email to $subst('Email.Unsub')
Attachment:
MCSE-RGB 112x53.GIF
Description: GIF image
Attachment:
MCP+I-RGB 112x62.GIF
Description: GIF image
Attachment:
MCP-RGB 112x51.GIF
Description: GIF image